Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1854
SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 up to and including 3.9.5 and AdRotate Free plugin 3.9 up to and including 3.9.4 for WordPress allows remote malicious users to execute arbitrary SQL commands via the track parameter.
Adrotateplugin Adrotate 3.9.3
Adrotateplugin Adrotate 3.9.2
Adrotateplugin Adrotate 3.9.
Adrotateplugin Adrotate 3.9.1
Adrotateplugin Adrotate 3.9.5
Adrotateplugin Adrotate 3.9.4
1 EDB exploit
NA
CVE-2014-1906
Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin prior to 4.29.5 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) m parameter to lb_status.php; (2) msg parameter to vc_chatlog.ph...
Videowhisper Live Streaming Integration Plugin
Videowhisper Live Streaming Integration Plugin 4.25.3
Videowhisper Live Streaming Integration Plugin 1.0.2
Videowhisper Live Streaming Integration Plugin 4.25
Videowhisper Live Streaming Integration Plugin 4.07
Videowhisper Live Streaming Integration Plugin 4.27
Videowhisper Live Streaming Integration Plugin 4.27.3
Videowhisper Live Streaming Integration Plugin 2.1
Videowhisper Live Streaming Integration Plugin 2.0
Videowhisper Live Streaming Integration Plugin 4.05
Videowhisper Live Streaming Integration Plugin 2.2
1 EDB exploit
NA
CVE-2014-1908
The error-handling feature in (1) bp.php, (2) videowhisper_streaming.php, and (3) ls/rtmp.inc.php in the VideoWhisper Live Streaming Integration plugin prior to 4.29.5 for WordPress allows remote malicious users to obtain sensitive information via a direct request, which reveals ...
Videowhisper Videowhisper Live Streaming Integration
1 EDB exploit
NA
CVE-2014-1944
Cross-site scripting (XSS) vulnerability in Ilch CMS 2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the text parameter to index.php/guestbook/index/newentry.
Ilch Ilch Cms
1 EDB exploit
NA
CVE-2014-1459
SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and previous versions allows remote authenticated administrators to execute arbitrary SQL commands via the _position_down_id parameter. NOTE: this can be leveraged using CSRF to allow remote malicious users to ...
Doorgets Doorgets Cms 3.0
Doorgets Doorgets Cms
Doorgets Doorgets Cms 4.0
1 EDB exploit
NA
CVE-2014-2340
Cross-site request forgery (CSRF) vulnerability in the XCloner plugin prior to 3.1.1 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that create website backups via a request to wp-admin/plugins.php.
Xcloner Xcloner
Xcloner Xcloner 2.1.2
Xcloner Xcloner 3.0
Xcloner Xcloner 3.0.3
Xcloner Xcloner 3.0.1
Xcloner Xcloner 3.0.6
Xcloner Xcloner 3.0.8
Xcloner Xcloner 3.0.7
Xcloner Xcloner 3.0.5
Xcloner Xcloner 3.0.2
Xcloner Xcloner 3.0.4
Xcloner Xcloner 2.2.1
Xcloner Xcloner 2.1
1 EDB exploit
NA
CVE-2014-2540
SQL injection vulnerability in OrbitScripts Orbit Open Ad Server prior to 1.1.1 allows remote malicious users to execute arbitrary SQL commands via the site_directory_sort_field parameter to guest/site_directory.
Orbitscripts Orbit Open Ad Server
1 EDB exploit
NA
CVE-2012-1935
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x prior to 3.5.5 and 4.x prior to 4 RC4 allow remote malicious users to inject arbitrary web script or HTML via the (1) Back parameter to admin/ad.php, or the (2) token or (3) f_email parameter to admin/password_...
Sourcefabric Newscoop 4
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.1
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop 3.5.4
1 EDB exploit
NA
CVE-2012-2275
Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink 1.9.3 and previous versions allow remote malicious users to hijack the authentication of users for requests that add, delete, or modify sensitive information, as demonstrated by changing the administrator'...
Teamst Testlink 1.8
Teamst Testlink 1.7.4
Teamst Testlink 1.8.1
Teamst Testlink 1.7.3
Teamst Testlink 1.8.0
Teamst Testlink 1.8.2
Teamst Testlink 1.8.4
Teamst Testlink
Teamst Testlink 1.7.2
Teamst Testlink 1.8.3
Teamst Testlink 1.7.0
Teamst Testlink 1.7.1
Teamst Testlink 1.7
1 EDB exploit
NA
CVE-2012-4901
Cross-site scripting (XSS) vulnerability in Template CMS 2.1.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the themes_editor parameter in an add_template action to admin/index.php.
Template Cms Project Template Cms
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »